Overview

A config rule that checks whether AWS Secrets Manager secret has rotation enabled. The rule also checks an optional maximumAllowedRotationFrequency parameter. If the parameter is specified, the rotation frequency of the secret is compared with the maximum allowed frequency.

Configuration Templates

Items
1
Size
0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: secretsmanager-rotation-enabled-check
      Description: >-
        A config rule that checks whether AWS Secrets Manager secret has
        rotation enabled. The rule also checks an optional
        maximumAllowedRotationFrequency parameter. If the parameter is
        specified, the rotation frequency of the secret is compared with the
        maxi...
      Scope:
        ComplianceResourceTypes:
          - 'AWS::SecretsManager::Secret'
      Source:
        Owner: AWS
        SourceIdentifier: SECRETSMANAGER_ROTATION_ENABLED_CHECK
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

Rule Parameters

 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation:

© 2020 asecurecloud Inc. All Rights Reserved.